<?php
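// Admin section "IP Blocks": dispatches on the "do" query parameter.
// Nothing below runs unless the current user passes the is_admin() check.
if( empty( $PARAPARA ) || !$PARAPARA->is_admin() )
    return;

ipb_topmenu();

// Requested action. A missing, empty or non-string value (e.g. do[]=x) falls
// back to the list view instead of raising a notice or a type error.
$do = ( !empty( $_GET['do'] ) && is_string( $_GET['do'] ) ) ? $_GET['do'] : 'list';

// Record id for the edit/delete actions. Only a plain string of digits is
// accepted; \z (rather than $) also refuses a trailing newline.
$id = ( isset( $_GET['id'] ) && is_string( $_GET['id'] ) ) ? $_GET['id'] : '';
$id_is_valid = ( preg_match( '/^\d+\z/', $id ) === 1 );

echo "<div id='padm_ipb'>\n";
echo "<h2>IP Blocks</h2>\n";
if( $do == 'list' ) {
    ipb_show_list();
}
elseif( $do == 'new' ) {
    ipb_editform( null );
}
elseif( $do == 'form_action' ) {
    // NOTE(review): no anti-CSRF token is checked anywhere in this file; the
    // write below relies on the admin session alone. If the surrounding
    // application has a token helper, verify it here before saving.
    if( !empty( $_POST['cancel'] ) )
        ipb_show_list();
    else {
        $params = ipb_validate_form();
        if( $params['status'] != 'ok' ) {
            // Validation failed: show the form again with the submitted values.
            ipb_editform( $params );
        }
        else {
            ipb_update_db( $params );
            echo "<div>all-right</div>";
        }
    }
}
elseif( $do == 'edit' ) {
    if( $id_is_valid ) {
        $block = $PARAPARA->dblayer->get_ipblock_by_id( $id );
        if( $block ) {
            ipb_editform( array(
                             'id'              => $block->id,
                             'name'            => $block->name,
                             'definition'      => $block->definition,
                             'message'         => $block->message,
                             'active'          => $block->active,
                             'block_viewing'   => $block->block_viewing,
                             'block_logged_in' => $block->block_logged_in,
                             ) );
        }
        else
            padm_warn("This IP Block was not found.");
    }
    else
        padm_warn("Illegal id for IP block given");
}
elseif( $do == 'delete' ) {
    // NOTE(review): this is a state change triggered by a plain GET request
    // with no confirmation step or anti-CSRF token visible in this file.
    // Consider moving the action to a POST form that carries a token.
    if( $id_is_valid ) {
        $deleted = $PARAPARA->dblayer->delete_ipblock( $id );
        if( $deleted )
            padm_info("IP Block with id=$id is gone"); // $id is digits only here
        else
            padm_warn("IP Block not found and not deleted");
    }
    else
        padm_warn("Illegal id for IP block given");
}

echo "</div>";
return;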


/**
 * Prints the sub-menu of the IP block admin section: one link to the list
 * view and one to the "create" form.
 */
function ipb_topmenu() {
    $pieces = array(
        "<div class=\"padm_submenu\">",
        "<span class='item'><a href=\"admin.php?sec=ipblock&do=list\">List Blocks</a></span>",
        "<span class='item'><a href=\"admin.php?sec=ipblock&do=new\">Create New IP Block</a></span>",
        "</div>",
    );

    // Static markup only; nothing request-derived is written here.
    echo implode( '', $pieces );
}


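/**
 * Builds the markup for a single checkbox input.
 *
 * @param string $name    Value of the input's name attribute.
 * @param mixed  $checked Truthy to render the box pre-checked.
 * @return string The <input> element.
 */
function ipb_checkbox( $name, $checked ) {
    // The attribute is delimited by single quotes, so ENT_QUOTES is required;
    // the default flags of older PHP versions leave "'" unescaped.
    $sf_name = htmlspecialchars( (string) $name, ENT_QUOTES, 'UTF-8' );
    $chtag   = $checked ? " checked='checked'" : '';

    // type='checkbox' was missing, which made browsers render a text field.
    return
        "<input type='checkbox' name='$sf_name' value='1'$chtag/>";
}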


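/**
 * Prints the create/edit form for an IP block.
 *
 * @param array|null $param Field values keyed by 'id', 'name', 'definition',
 *                          'message', 'active', 'block_viewing' and
 *                          'block_logged_in'. After a failed validation it
 *                          also carries 'status' and 'err:*' flags. null
 *                          renders an empty "create" form with "active"
 *                          pre-checked.
 */
function ipb_editform( $param ) {

    if( $param == null )
        $param = array( 'active' => 1 );

    // Fill in every key read below so that a fresh or partial array does not
    // raise "undefined index" notices. Keys already present win.
    $param = $param + array(
        'id'              => '',
        'name'            => '',
        'definition'      => '',
        'message'         => '',
        'active'          => 0,
        'block_viewing'   => 0,
        'block_logged_in' => 0,
        'status'          => null,
    );

    if( $param['id'] )
        echo "<h3>Edit IP Block</h3>";
    else
        echo "<h3>Create IP Block</h3>";

    // Every value below lands inside a single-quoted attribute or a textarea.
    // ENT_QUOTES is passed explicitly because the default flags of PHP before
    // 8.1 do not escape "'", which would let a stored name or definition
    // close the attribute and inject markup into this admin page.
    $sf_id         = htmlspecialchars( (string) $param['id'],         ENT_QUOTES, 'UTF-8' );
    $sf_name       = htmlspecialchars( (string) $param['name'],       ENT_QUOTES, 'UTF-8' );
    $sf_definition = htmlspecialchars( (string) $param['definition'], ENT_QUOTES, 'UTF-8' );
    $sf_message    = htmlspecialchars( (string) $param['message'],    ENT_QUOTES, 'UTF-8' );

    $chk_viewing   = $param['block_viewing']   ? "checked='checked'" : "";
    $chk_logged_in = $param['block_logged_in'] ? "checked='checked'" : "";
    $chk_active    = $param['active']          ? "checked='checked'" : "";

    // A '*' in the first column marks the rows that failed validation.
    $mark = '*';
    $nomark = '';
    $mark_name       = !empty( $param['err:name'] )       ? $mark : $nomark;
    $mark_definition = !empty( $param['err:definition'] ) ? $mark : $nomark;
    $mark_message    = !empty( $param['err:message'] )    ? $mark : $nomark;

    // The error box is printed only after a validation run ('status' is set).
    // Fresh and edit forms carry no status and used to get an empty box.
    if( $param['status'] !== null && $param['status'] != 'ok' ) {
        // One message per error flag; flags absent from $param are skipped.
        $errorstrings = array(
            'err:id'         => "Illegal id for IP block given",
            'err:name'       => "Malformed rule name",
            'err:definition' => "Definition error. Should be an IP addres or /24 range",
            'err:message'    => "The message is just too long",
            );

        echo "<div class='error'>\n";
        foreach( $errorstrings as $key => $string ) {
            if( !empty( $param[ $key ] ) )
                echo "<div>", $string, "</div>\n";
        }
        echo "</div>\n";
    }

    // NOTE(review): the form carries no anti-CSRF token and none is checked
    // on submission in this file. If the application has a token helper, emit
    // the hidden field here and verify it in the form_action handler.
    echo '<form action="?sec=ipblock&do=form_action" method="POST">' . "\n";
    if( $param['id'] )
        echo "<input type='hidden' name='id' value='", $sf_id, "' />\n";


    echo "<table id='padm_ipb_edit_table'>\n";

    echo "<tr>\n";
    echo "<td class='mark'>$mark_name</td>\n";
    echo "<td class='label'>Name:</td>\n";
    echo "<td class='value'>",
        "<input name='name' type='text' value='$sf_name' class='text'/>",
        "</td>\n";
    echo "</tr>\n";

    echo "<tr>\n";
    echo "<td class='mark'>$mark_definition</td>\n";
    echo "<td class='label'>Definition:</td>\n";
    echo "<td class='value'>",
        "<input name='definition' type='text' value='$sf_definition' class='text'/>",
        "</td>\n";
    echo "</tr>\n";

    echo "<tr>\n";
    echo "<td class='mark'>$mark_message</td>\n";
    echo "<td class='label'>Message:</td>\n";
    echo "<td class='value'>",
        "<textarea  cols='50' rows='4' name='message'>$sf_message</textarea>",
        "</td>\n";
    echo "</tr>\n";

    echo "<tr>\n";
    echo "<td class='mark'></td>\n";
    echo "<td class='label'>Block viewing:</td>";
    echo "<td class='value'>",
        "<input name='block_viewing' type='checkbox' value='1' $chk_viewing/>",
        "</td>";
    echo "</tr>\n";

    echo "<tr>\n";
    echo "<td class='mark'></td>\n";
    echo "<td class='label'>Block logged in:</td>";
    echo "<td class='value'>",
        "<input name='block_logged_in' type='checkbox' value='1' $chk_logged_in/>",
        "</td>";
    echo "</tr>\n";

    echo "<tr>\n";
    echo "<td class='mark'></td>\n";
    echo "<td class='label'>This block is active:</td>";
    echo "<td class='value'>",
        "<input name='active' type='checkbox' value='1' $chk_active/>",
        "</td>";
    echo "</tr>\n";

    echo "<tr>\n";
    echo "<td class='buttons' colspan='3'>",
        "<button name='submit' class='padm_button' type='submit' value='1'>Submit</button>",
        "<button name='cancel' class='padm_button' type='submit' value='1'>Cancel</button>",
        "</td>";
    echo "</tr>\n";

    echo "</table>\n";
    echo "</form>";
}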

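/**
 * Stores an IP block through the database layer.
 *
 * No validation happens here: the values are handed to IPBlock and
 * save_ipblock() as given, so $param should be the array returned by
 * ipb_validate_form() with status 'ok'.
 *
 * @param array $param Form values; 'id' is absent when a new block is created.
 * @return mixed The id of the saved block, or null when save_ipblock() does
 *               not return an object.
 */
function ipb_update_db( $param ) {
    global $PARAPARA;
    $dbl = $PARAPARA->dblayer;

    // Argument order is kept exactly as it was (note block_logged_in before
    // block_viewing); the IPBlock constructor is not visible here.
    // TODO confirm the order against its signature.
    $block = new IPBlock(
        isset( $param['id'] ) ? $param['id'] : null, // no id: new block
        $param['name'],
        null,
        $param['definition'],
        $param['message'],
        $param['block_logged_in'],
        $param['block_viewing'],
        $param['active']
        );

    $saved = $dbl->save_ipblock( $block );

    // Reading ->id from a failed save would be a fatal error; report null.
    return is_object( $saved ) ? $saved->id : null;
}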


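/**
 * Reads the IP block form from $_POST and validates it.
 *
 * @return array The submitted values plus 'status' ('ok' or 'error') and an
 *               'err:<field>' flag set to 1 for each field that failed.
 */
function ipb_validate_form() {
    $param = array();
    $errcount = 0;

    // The id travels in a hidden form field and is client-controlled. It is
    // held to the same digits-only rule as the id of the edit/delete links.
    // An invalid id is dropped so that it never reaches the database layer.
    if( !empty( $_POST['id'] ) ) {
        if( is_string( $_POST['id'] ) && preg_match( '/^\d+\z/', $_POST['id'] ) )
            $param['id'] = $_POST['id'];
        else {
            $errcount++;
            $param['err:id'] = 1;
        }
    }

    // Text fields: a missing or non-string value (e.g. name[]=x) becomes ''
    // so that preg_match() below always receives a string.
    foreach( array( 'name', 'definition', 'message' ) as $field ) {
        $param[ $field ] = ( isset( $_POST[ $field ] ) && is_string( $_POST[ $field ] ) )
            ? $_POST[ $field ]
            : '';
    }

    // Checkboxes: browsers omit unchecked boxes, so absence means 0.
    foreach( array( 'block_logged_in', 'block_viewing', 'active' ) as $flag ) {
        $param[ $flag ] = empty( $_POST[ $flag ] ) ? 0 : 1;
    }

    // Name: a word character followed by up to 59 more characters. The D
    // modifier stops "$" from accepting a trailing newline. With /u, input
    // that is not valid UTF-8 makes preg_match() fail, which counts as an error.
    if(!preg_match('/^\w.{0,59}$/uiD', $param['name'])) {
        $errcount++;
        $param['err:name'] = 1;
    }

    if(!IPBlock::isLegalDefinition( $param['definition'])) {
        $errcount++;
        $param['err:definition'] = 1;
    }

    // NOTE(review): "." does not match a newline here, so a message with a
    // line break fails this check and is reported as too long, although the
    // form offers a multi-row textarea. Confirm whether that is intended.
    if(!preg_match('/^.{0,200}$/ui', $param['message'])) {
        $errcount++;
        $param['err:message'] = 1;
    }

    $param['status'] = ( $errcount == 0 ) ? 'ok' : 'error';

    return $param;
}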


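/**
 * Prints the table of all IP blocks with an edit and a delete link per row,
 * or an info message when there are none.
 */
function ipb_show_list() {
    global $PARAPARA;
    $dbl = $PARAPARA->dblayer;

    $blocks = $dbl->get_ipblocks();
    echo "<h3>List of Blocked IPs</h3>";

    // Counting null or false is an error on current PHP; treat any result
    // that cannot be counted as "no rows".
    $count = ( is_array( $blocks ) || $blocks instanceof Countable ) ? count( $blocks ) : 0;

    if( !$count ) {
        padm_info( "No IP blocks. That's great!" );
    }
    else {
        echo "<table id='padm_ipb_list'>\n";
        echo "<thead>\n";
        echo "<tr>\n";
        echo
            "<th>#id</th>",
            "<th>IP number</th>",
            "<th>Name</th>",
            "<th>active?</th>",
            "<th>block viewing?</th>",
            "<th>block logged in?</th>",
            "<th>actions</th>\n";
        echo "</tr>\n";
        echo "</thead>\n";

        foreach ($blocks as $block ) {
            // Inactive rows get their own CSS class.
            $bclass = $block->active ? 'active' : 'passive';

            $active_string = $block->active          ? 'yes' : 'no';
            $bv_string     = $block->block_viewing   ? 'yes' : 'no';
            $bli_string    = $block->block_logged_in ? 'yes' : 'no';

            // Stored values are escaped on output. The id is also encoded
            // before it goes into the single-quoted href attributes, which
            // previously received it unescaped.
            $sf_id         = htmlspecialchars( (string) $block->id,         ENT_QUOTES, 'UTF-8' );
            $sf_definition = htmlspecialchars( (string) $block->definition, ENT_QUOTES, 'UTF-8' );
            $sf_name       = htmlspecialchars( (string) $block->name,       ENT_QUOTES, 'UTF-8' );
            $sf_link_id    = htmlspecialchars( rawurlencode( (string) $block->id ), ENT_QUOTES, 'UTF-8' );

            // NOTE(review): "delete" is a plain GET link; the handler at the
            // top of this file deletes without a confirmation step or an
            // anti-CSRF token. Consider a POST form that carries a token.
            echo "<tr>\n",

                "<td class='$bclass'>", $sf_id, "</td>\n",
                "<td class='$bclass'>", $sf_definition, "</td>\n",
                "<td class='$bclass'>", $sf_name, "</td>\n",
                "<td class='$bclass'>", $active_string, "</td>\n",
                "<td class='$bclass'>", $bv_string, "</td>\n",
                "<td class='$bclass'>", $bli_string, "</td>\n",
                "<td class='$bclass'>",
                "<a href='?sec=ipblock&do=edit&id=$sf_link_id'>edit</a>", "&nbsp;|&nbsp; ",
                "<a href='?sec=ipblock&do=delete&id=$sf_link_id'>delete</a>",
                "</td>\n";
            echo "</tr>";
        }
        echo "</table>\n";
    }
}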




?>

